AESFile Class
Properties Methods Events Config Settings Errors
The AESFile class implements the AESF file format and uses the XTS-AES standard with 256-bit encryption.
Syntax
class ipworksencrypt.AESFile
Remarks
The AESFile component provides robust encryption capabilities to securely store and retrieve data using XTS-AES 256-bit encryption. This component implements the AESF file format, enabling developers to encrypt arbitrary data and serialize it in a standardized manner.
The first step in using the component is to set password property. Specify the input data using input_file or input_message. Next, call encrypt and the component will encrypt the input data and populate output_message, or write to the file specified by output_file with the result.
To change the password of existing file encrypted in AESF format, or to encrypt a file under a different password call change_password. To decrypt data, first set password property. Specify the input data using input_file or input_message. Next, call decrypt and the component will compute the plaintext and populate output_message or write to output_file with the result.
AES File Format
The AES file format used by AES Drive is documented below in detail. All algorithms used by AES Drive are standards and publicly documented.
Each encrypted file consists of a header and the encrypted contents. The header is 144 bytes in length and contains the AES file format version, a checksum of the header bytes, and the encrypted file-specific key and padding length. The original file data is encrypted using XTS-AES with file-specific keys that are derived from a master key for the drive.
| 4 bytes [0-3] | AESF. This is a file signature value which indicates the file is formatted according to this specification. | ||||||||
| 1 byte [4] | 0x01. This is the file format version. This documentation defines the format for version 1. | ||||||||
| 2 bytes [5-6] | Build number of the application used to create the file. These two bytes represent a 16-bit integer holding the build number of AES Drive that created the file. This field is informational only. Byte 5 holds the high-order bits and byte 6 holds the low-order bits. To decode these bytes into the build number the following code may be used:
int buildNumber = headerBytes[5] << 8 | headerBytes[6];
| ||||||||
| 5 bytes [7-11] | 0x00. Reserved for future use. | ||||||||
| 4 bytes [12-15] | CRC32 checksum. The CRC32 checksum is calculated by first replacing these 4 bytes with 0x00 then computing the checksum over the 144 byte header. The resulting numeric value is converted into 4 bytes using the operation:
| ||||||||
| 16 bytes [16-31] | Global salt value. The global salt value is a random value created when the drive is created and used when encrypting newly created files within the drive. It is used when deriving the key to decrypt the encrypted header portion. See the section below for details about the encrypted header portion. | ||||||||
| 16 bytes [32-47] | File-specific salt value. The file-specific salt value is a random value created when the file is created. It is used when deriving the key to decrypt the encrypted header portion. See the section below for details about the encrypted header portion. | ||||||||
| 80 bytes [48-127] | AES-GCM encrypted header portion. The steps to derive the key to decrypt the encrypted header portion are as follows:
The derived Key and IV are used together with the AES-GCM Auth Tag which are the last 16 bytes of the 144 byte header to AES-GCM decrypt the 80 byte encrypted header portion. The decrypted header portion contains:
| ||||||||
| 16 bytes [128-143] | AES-GCM auth tag. This auth tag is used when decrypting the previous 80 byte encrypted header portion. | ||||||||
| nn bytes | The XTS-AES 256 encrypted file content. The data unit size is 512 bytes. The first 32 bytes of the file-specific encryption key from the decrypted header is the first key. The last 32 bytes of the file-specific encryption key from the decrypted header is the second key. | ||||||||
| 512 bytes |
The last 512 bytes of the encrypted file contain encrypted padding bytes and additional unencrypted random bytes. When encrypting, the last plaintext block of data may be padded with random bytes as needed to reach 512 bytes in length (the data unit size). The padding length is encrypted and stored in the encrypted header portion. Once the data is encrypted additional random bytes are appended to the end of the encrypted file so that the padding bytes plus additional random bytes together are 512 bytes in length. For instance if the padding is 100 bytes in length, then 412 additional bytes will be appended to the encrypted data to reach a total of 512 bytes. This scheme allows applications to easily determine the length of the decrypted file without having to first decrypt the encrypted header portion to obtain the padding length. The decrypted file length can be computed like so:
When decrypting, the padding length is determined from the encrypted header. The number of additional random bytes is 512 minus the padding length. The additional random bytes are discarded before using XTS-AES to decrypt the file content. After decrypting the file content, the padding bytes in the decrypted content are discarded.
|
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| global_salt | The additional random data to compute encryption keys. |
| input_file | The file to process. |
| input_message | The message to process. |
| output_file | The output file when encrypting or decrypting. |
| output_message | The output message after processing. |
| overwrite | Indicates whether or not the class should overwrite files. |
| password | The password to be used to calculate encryption and decryption keys. |
| salt | The additional random data included in the file header. |
| version | The AESF file format version number. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| change_password | Changes the password for the specified file. |
| config | Sets or retrieves a configuration setting. |
| decrypt | Decrypts the data. |
| encrypt | Encrypts the data. |
| reset | Resets the class. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| on_error | Fired when information is available about errors during data delivery. |
| on_log | Fires with log information during processing. |
| on_progress | Fired as progress is made. |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
| BuildNumber | The build number of the encrypted data. |
| LogLevel | Specifies the level of detail that is logged. |
| WriteToProgressEvent | Whether to write output data so it is accessible from inside the progress event. |
| BuildInfo | Information about the product's build. |
| CodePage | The system code page used for Unicode to Multibyte translations. |
| LicenseInfo | Information about the current license. |
| MaskSensitiveData | Whether sensitive data is masked in log messages. |
| ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
| SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
| UseFIPSCompliantAPI | Tells the class whether or not to use FIPS certified APIs. |
| UseInternalSecurityAPI | Whether or not to use the system security libraries or an internal implementation. |
global_salt Property
The additional random data to compute encryption keys.
Syntax
def get_global_salt() -> bytes: ... def set_global_salt(value: bytes) -> None: ...
global_salt = property(get_global_salt, set_global_salt)
Default Value
""
Remarks
This is an optional property and will be populated when decrypt is called. When this property is set, it will provide additional randomness to encryption. The length of the salt must be 16 bytes.
The global salt will be used during generation of a key and IV. It can optionally be set before calling the encrypt method. It is recommended to use a unique and randomly generated value. If it is not set, then the class will generate a value automatically.
input_file Property
The file to process.
Syntax
def get_input_file() -> str: ... def set_input_file(value: str) -> None: ...
input_file = property(get_input_file, set_input_file)
Default Value
""
Remarks
This property specifies the file to be processed. Set this property to the full or relative path to the file which will be processed.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
- input_file
- input_message
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- output_file
- output_message: The output data is written to this property if no other destination is specified.
input_message Property
The message to process.
Syntax
def get_input_message() -> bytes: ... def set_input_message(value: bytes) -> None: ...
input_message = property(get_input_message, set_input_message)
Default Value
""
Remarks
This property specifies the message to be processed.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
- input_file
- input_message
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- output_file
- output_message: The output data is written to this property if no other destination is specified.
output_file Property
The output file when encrypting or decrypting.
Syntax
def get_output_file() -> str: ... def set_output_file(value: str) -> None: ...
output_file = property(get_output_file, set_output_file)
Default Value
""
Remarks
This property specifies the file to which the output will be written when encrypt or decrypt is called. This may be set to an absolute or relative path.
This property is only applicable to encrypt and decrypt.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- output_file
- output_message: The output data is written to this property if no other destination is specified.
output_message Property
The output message after processing.
Syntax
def get_output_message() -> bytes: ...
output_message = property(get_output_message, None)
Default Value
""
Remarks
This property will be populated with the output from the operation if output_file is not set.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- output_file
- output_message: The output data is written to this property if no other destination is specified.
This property is read-only.
overwrite Property
Indicates whether or not the class should overwrite files.
Syntax
def get_overwrite() -> bool: ... def set_overwrite(value: bool) -> None: ...
overwrite = property(get_overwrite, set_overwrite)
Default Value
FALSE
Remarks
This property indicates whether or not the class will overwrite output_file. If overwrite is False, an error will be thrown whenever output_file exists before an operation. The default value is False.
password Property
The password to be used to calculate encryption and decryption keys.
Syntax
def get_password() -> str: ... def set_password(value: str) -> None: ...
password = property(get_password, set_password)
Default Value
""
Remarks
When this property is set the class will use PBKDF2 to derive an XTS master key. This must be set before calling encrypt or decrypt.
While there are no strict format or length requirements, it is recommended to use complex passwords. Once set, the password is transformed and never held in plaintext in memory.
salt Property
The additional random data included in the file header.
Syntax
def get_salt() -> bytes: ... def set_salt(value: bytes) -> None: ...
salt = property(get_salt, set_salt)
Default Value
""
Remarks
This property is optional and will be populated when decrypt is called. When this property is set it will provide additional randomness to encryption at the file level. The length of the salt must be 16 bytes.
The salt will be used within each file as input to encryption. It can optionally be set before calling the encrypt method. It is recommended to use a unique and randomly generated value. If it is not set, then the class will generate a value automatically.
version Property
The AESF file format version number.
Syntax
def get_version() -> int: ... def set_version(value: int) -> None: ...
version = property(get_version, set_version)
Default Value
1
Remarks
This property will be populated when decrypt is called. Possible values are:
| 1 (v1 - Default) |
change_password Method
Changes the password for the specified file.
Syntax
def change_password(path: str, old_password: str, new_password: str) -> None: ...
Remarks
change_password is optional and allows you to update the password used to encrypt an AESF file. This securely changes the password, ensuring that the file remains protected with the new password.
config Method
Sets or retrieves a configuration setting.
Syntax
def config(configuration_string: str) -> str: ...
Remarks
config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
decrypt Method
Decrypts the data.
Syntax
def decrypt() -> None: ...
Remarks
This method will decrypt the specified data. The password property is required.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- output_file
- output_message: The output data is written to this property if no other destination is specified.
encrypt Method
Encrypts the data.
Syntax
def encrypt() -> None: ...
Remarks
This method will encrypt the specified data. The following properties are applicable:
- password (required)
- global_salt
- version
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- output_file
- output_message: The output data is written to this property if no other destination is specified.
reset Method
Resets the class.
Syntax
def reset() -> None: ...
Remarks
When called, the class will reset all of its properties to their default values.
on_error Event
Fired when information is available about errors during data delivery.
Syntax
class AESFileErrorEventParams(object): @property def error_code() -> int: ... @property def description() -> str: ... # In class AESFile: @property def on_error() -> Callable[[AESFileErrorEventParams], None]: ... @on_error.setter def on_error(event_hook: Callable[[AESFileErrorEventParams], None]) -> None: ...
Remarks
The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.
The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.
on_log Event
Fires with log information during processing.
Syntax
class AESFileLogEventParams(object): @property def log_level() -> int: ... @property def message() -> str: ... @property def log_type() -> str: ... # In class AESFile: @property def on_log() -> Callable[[AESFileLogEventParams], None]: ... @on_log.setter def on_log(event_hook: Callable[[AESFileLogEventParams], None]) -> None: ...
Remarks
This event fires during processing with log information. The level of detail that is logged is controlled via the LogLevel.
LogLevel indicates the level of message. Possible values are:
| 0 (None) | No events are logged. |
| 1 (Info - default) | Informational events are logged. |
| 2 (Verbose) | Detailed data is logged. |
| 3 (Debug) | Debug data is logged. |
LogMessage is the log entry.
LogType indicates the type of log. Possible values are:
- "INFO"
- "ENCRYPT"
- "COMPRESS"
- "SIGN"
- "DECRYPT"
- "DECOMPRESS"
- "VERIFY"
- "DEBUG"
on_progress Event
Fired as progress is made.
Syntax
class AESFileProgressEventParams(object): @property def data() -> bytes: ... @property def filename() -> str: ... @property def bytes_processed() -> int: ... @property def percent_processed() -> int: ... # In class AESFile: @property def on_progress() -> Callable[[AESFileProgressEventParams], None]: ... @on_progress.setter def on_progress(event_hook: Callable[[AESFileProgressEventParams], None]) -> None: ...
Remarks
This event is fired automatically as data is encrypted or decrypted by the class. When WriteToProgressEvent is true, the output data is provided through the Data parameter, allowing for it to be streamed out.
Filename contains the name of the file being written. If no file is being written, Filename will contain an empty string, and the output data will be provided exclusively through this event.
The PercentProcessed parameter indicates the current status of the operation.
The BytesProcessed parameter holds the total number of bytes processed so far.
AESFile Config Settings
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.AESFile Config Settings
| 0 (None) | No events are logged. |
| 1 (Info - default) | Informational events are logged. |
| 2 (Verbose) | Detailed data is logged. |
| 3 (Debug) | Debug data is logged. |
By default, this config is set to false.
Base Config Settings
The following is a list of valid code page identifiers:
| Identifier | Name |
| 037 | IBM EBCDIC - U.S./Canada |
| 437 | OEM - United States |
| 500 | IBM EBCDIC - International |
| 708 | Arabic - ASMO 708 |
| 709 | Arabic - ASMO 449+, BCON V4 |
| 710 | Arabic - Transparent Arabic |
| 720 | Arabic - Transparent ASMO |
| 737 | OEM - Greek (formerly 437G) |
| 775 | OEM - Baltic |
| 850 | OEM - Multilingual Latin I |
| 852 | OEM - Latin II |
| 855 | OEM - Cyrillic (primarily Russian) |
| 857 | OEM - Turkish |
| 858 | OEM - Multilingual Latin I + Euro symbol |
| 860 | OEM - Portuguese |
| 861 | OEM - Icelandic |
| 862 | OEM - Hebrew |
| 863 | OEM - Canadian-French |
| 864 | OEM - Arabic |
| 865 | OEM - Nordic |
| 866 | OEM - Russian |
| 869 | OEM - Modern Greek |
| 870 | IBM EBCDIC - Multilingual/ROECE (Latin-2) |
| 874 | ANSI/OEM - Thai (same as 28605, ISO 8859-15) |
| 875 | IBM EBCDIC - Modern Greek |
| 932 | ANSI/OEM - Japanese, Shift-JIS |
| 936 | ANSI/OEM - Simplified Chinese (PRC, Singapore) |
| 949 | ANSI/OEM - Korean (Unified Hangul Code) |
| 950 | ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC) |
| 1026 | IBM EBCDIC - Turkish (Latin-5) |
| 1047 | IBM EBCDIC - Latin 1/Open System |
| 1140 | IBM EBCDIC - U.S./Canada (037 + Euro symbol) |
| 1141 | IBM EBCDIC - Germany (20273 + Euro symbol) |
| 1142 | IBM EBCDIC - Denmark/Norway (20277 + Euro symbol) |
| 1143 | IBM EBCDIC - Finland/Sweden (20278 + Euro symbol) |
| 1144 | IBM EBCDIC - Italy (20280 + Euro symbol) |
| 1145 | IBM EBCDIC - Latin America/Spain (20284 + Euro symbol) |
| 1146 | IBM EBCDIC - United Kingdom (20285 + Euro symbol) |
| 1147 | IBM EBCDIC - France (20297 + Euro symbol) |
| 1148 | IBM EBCDIC - International (500 + Euro symbol) |
| 1149 | IBM EBCDIC - Icelandic (20871 + Euro symbol) |
| 1200 | Unicode UCS-2 Little-Endian (BMP of ISO 10646) |
| 1201 | Unicode UCS-2 Big-Endian |
| 1250 | ANSI - Central European |
| 1251 | ANSI - Cyrillic |
| 1252 | ANSI - Latin I |
| 1253 | ANSI - Greek |
| 1254 | ANSI - Turkish |
| 1255 | ANSI - Hebrew |
| 1256 | ANSI - Arabic |
| 1257 | ANSI - Baltic |
| 1258 | ANSI/OEM - Vietnamese |
| 1361 | Korean (Johab) |
| 10000 | MAC - Roman |
| 10001 | MAC - Japanese |
| 10002 | MAC - Traditional Chinese (Big5) |
| 10003 | MAC - Korean |
| 10004 | MAC - Arabic |
| 10005 | MAC - Hebrew |
| 10006 | MAC - Greek I |
| 10007 | MAC - Cyrillic |
| 10008 | MAC - Simplified Chinese (GB 2312) |
| 10010 | MAC - Romania |
| 10017 | MAC - Ukraine |
| 10021 | MAC - Thai |
| 10029 | MAC - Latin II |
| 10079 | MAC - Icelandic |
| 10081 | MAC - Turkish |
| 10082 | MAC - Croatia |
| 12000 | Unicode UCS-4 Little-Endian |
| 12001 | Unicode UCS-4 Big-Endian |
| 20000 | CNS - Taiwan |
| 20001 | TCA - Taiwan |
| 20002 | Eten - Taiwan |
| 20003 | IBM5550 - Taiwan |
| 20004 | TeleText - Taiwan |
| 20005 | Wang - Taiwan |
| 20105 | IA5 IRV International Alphabet No. 5 (7-bit) |
| 20106 | IA5 German (7-bit) |
| 20107 | IA5 Swedish (7-bit) |
| 20108 | IA5 Norwegian (7-bit) |
| 20127 | US-ASCII (7-bit) |
| 20261 | T.61 |
| 20269 | ISO 6937 Non-Spacing Accent |
| 20273 | IBM EBCDIC - Germany |
| 20277 | IBM EBCDIC - Denmark/Norway |
| 20278 | IBM EBCDIC - Finland/Sweden |
| 20280 | IBM EBCDIC - Italy |
| 20284 | IBM EBCDIC - Latin America/Spain |
| 20285 | IBM EBCDIC - United Kingdom |
| 20290 | IBM EBCDIC - Japanese Katakana Extended |
| 20297 | IBM EBCDIC - France |
| 20420 | IBM EBCDIC - Arabic |
| 20423 | IBM EBCDIC - Greek |
| 20424 | IBM EBCDIC - Hebrew |
| 20833 | IBM EBCDIC - Korean Extended |
| 20838 | IBM EBCDIC - Thai |
| 20866 | Russian - KOI8-R |
| 20871 | IBM EBCDIC - Icelandic |
| 20880 | IBM EBCDIC - Cyrillic (Russian) |
| 20905 | IBM EBCDIC - Turkish |
| 20924 | IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol) |
| 20932 | JIS X 0208-1990 & 0121-1990 |
| 20936 | Simplified Chinese (GB2312) |
| 21025 | IBM EBCDIC - Cyrillic (Serbian, Bulgarian) |
| 21027 | Extended Alpha Lowercase |
| 21866 | Ukrainian (KOI8-U) |
| 28591 | ISO 8859-1 Latin I |
| 28592 | ISO 8859-2 Central Europe |
| 28593 | ISO 8859-3 Latin 3 |
| 28594 | ISO 8859-4 Baltic |
| 28595 | ISO 8859-5 Cyrillic |
| 28596 | ISO 8859-6 Arabic |
| 28597 | ISO 8859-7 Greek |
| 28598 | ISO 8859-8 Hebrew |
| 28599 | ISO 8859-9 Latin 5 |
| 28605 | ISO 8859-15 Latin 9 |
| 29001 | Europa 3 |
| 38598 | ISO 8859-8 Hebrew |
| 50220 | ISO 2022 Japanese with no halfwidth Katakana |
| 50221 | ISO 2022 Japanese with halfwidth Katakana |
| 50222 | ISO 2022 Japanese JIS X 0201-1989 |
| 50225 | ISO 2022 Korean |
| 50227 | ISO 2022 Simplified Chinese |
| 50229 | ISO 2022 Traditional Chinese |
| 50930 | Japanese (Katakana) Extended |
| 50931 | US/Canada and Japanese |
| 50933 | Korean Extended and Korean |
| 50935 | Simplified Chinese Extended and Simplified Chinese |
| 50936 | Simplified Chinese |
| 50937 | US/Canada and Traditional Chinese |
| 50939 | Japanese (Latin) Extended and Japanese |
| 51932 | EUC - Japanese |
| 51936 | EUC - Simplified Chinese |
| 51949 | EUC - Korean |
| 51950 | EUC - Traditional Chinese |
| 52936 | HZ-GB2312 Simplified Chinese |
| 54936 | Windows XP: GB18030 Simplified Chinese (4 Byte) |
| 57002 | ISCII Devanagari |
| 57003 | ISCII Bengali |
| 57004 | ISCII Tamil |
| 57005 | ISCII Telugu |
| 57006 | ISCII Assamese |
| 57007 | ISCII Oriya |
| 57008 | ISCII Kannada |
| 57009 | ISCII Malayalam |
| 57010 | ISCII Gujarati |
| 57011 | ISCII Punjabi |
| 65000 | Unicode UTF-7 |
| 65001 | Unicode UTF-8 |
| Identifier | Name |
| 1 | ASCII |
| 2 | NEXTSTEP |
| 3 | JapaneseEUC |
| 4 | UTF8 |
| 5 | ISOLatin1 |
| 6 | Symbol |
| 7 | NonLossyASCII |
| 8 | ShiftJIS |
| 9 | ISOLatin2 |
| 10 | Unicode |
| 11 | WindowsCP1251 |
| 12 | WindowsCP1252 |
| 13 | WindowsCP1253 |
| 14 | WindowsCP1254 |
| 15 | WindowsCP1250 |
| 21 | ISO2022JP |
| 30 | MacOSRoman |
| 10 | UTF16String |
| 0x90000100 | UTF16BigEndian |
| 0x94000100 | UTF16LittleEndian |
| 0x8c000100 | UTF32String |
| 0x98000100 | UTF32BigEndian |
| 0x9c000100 | UTF32LittleEndian |
| 65536 | Proprietary |
- Product: The product the license is for.
- Product Key: The key the license was generated from.
- License Source: Where the license was found (e.g., RuntimeLicense, License File).
- License Type: The type of license installed (e.g., Royalty Free, Single Server).
- Last Valid Build: The last valid build number for which the license will work.
This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.
FIPS mode can be enabled by setting the UseFIPSCompliantAPI configuration setting to True. This is a static setting that applies to all instances of all classes of the toolkit within the process. It is recommended to enable or disable this setting once before the component has been used to establish a connection. Enabling FIPS while an instance of the component is active and connected may result in unexpected behavior.
For more details, please see the FIPS 140-2 Compliance article.
Note: This setting is applicable only on Windows.
Note: Enabling FIPS compliance requires a special license; please contact sales@nsoftware.com for details.
Setting this configuration setting to True tells the class to use the internal implementation instead of using the system security libraries.
On Windows, this setting is set to False by default. On Linux/macOS, this setting is set to True by default.
To use the system security libraries for Linux, OpenSSL support must be enabled. For more information on how to enable OpenSSL, please refer to the OpenSSL Notes section.
AESFile Errors
AESFile Errors
| 105 | An invalid parameter was specified. |
| 111 | Overwrite is false and the destination already exists. |
| 112 | No input was specified. |
| 115 | Invalid password. |
| 116 | No password was specified. |
| 202 | The input file is not valid AESF format. |
| 303 | Cannot open file. |
| 304 | Cannot write file. |
| 305 | Cannot read file. |
| 306 | Cannot create file. |